An FBI office under criminal investigation for sending emergency phone record requests to phone companies that included knowingly false statement also included requests for the phone companies to identify the “community of interest” for the targeted phone numbers, according to documents acquired through a government sunshine lawsuit.
Those mysterious requests, first revealed by Eric Lichtblau in the New York Times on Sunday, suggest that the phone companies may be doing their own data mining and profiling on behalf of the United States government.
The office making the request is known as the Communications Analysis Unit, which is tasked with analyzing communication records for anti-terrorism investigations. More than 700 so called “exigent letters” — a number of which contained the “community of interest” language — were sent to one of three telecoms – (namely, AT&T, Verizon and MCI). AT&T and Verizon/MCI had and have contracts with the FBI to quickly turn over records (and now a third unknown telecom also gets FBI money). The letters with such language (see image) are very short. Most notably, the letter doesn’t define what a “community of interest” is, which as far as I can tell is not a defined term in the telecommunications world.
UPDATE: A knowledgeable attorney writes in to point out that the government’s Institute for Telecommunication Services defines “community of interest” as “A grouping of users who generate a majority of their traffic in calls to other members of the group. Note: The community of interest may be related to a geographic area or to an administrative organization. Synonym special interest group.” Traffic is defined as a quantitative measurement of the total messages and their length, expressed in hundreds of call seconds during a specified period of time.
That means that the FBI and the telecoms (or at least one) have together defined what a “community of interest” is. It’s unclear what the answer from the telecom company is: do they return an answer that a certain phone number belongs to say “fundamentalist Muslims in Northern New Jersey” or the “mafia cluster”?
Alternately, do they look at all the numbers in a given request, look at the numbers each of those called and then compute who those people called to look for connections at one and two degrees of separation?
The FBI has mysterious contracts with three telecoms (which include AT&T and Verizon) to pay the companies to keep call records easily searchable (normally, telecoms archive the records after a billing period passes). Each of the three telecoms gets $1.8 million per year to work with the FBI’s Telecommunications Data Collection Center.
An AT&T spokesperson declined to speak about the requests, saying the company doesn’t speak about national security matters.
The Intelligence Community and academics have worked on data mining to figure out webs of connections between individuals for years. What’s interesting here is that a unit that is supposed to make sense out of networks of records is asking a telecom to do the same for it.
What else is unknown? These requests are coming out of a rogue FBI office as part of rogue records requests (in short, not only did the office not have the power to issue legitimate requests for records, they sent these requests, saying they’d already asked a U.S Attorney to start work on a proper subpoena, when they’d done no such thing.) Did FBI agents who used real National Security Letters, a self-issued subpoena anti-terror investigators can use to get telecom records, also start asking for “communities of interest” or was this something put together by the rogue office?
Of course, phone companies are likely to already have data mining systems in place to try to figure out which customers they should be offering three-way calling or call forwarding plans to. They may even be using third-party data, such as that compiled by data brokers like ChoicePoint or Acxiom, to create detailed profiles of their customers. But has that sort of generalized lifestyle profiling been merged with data from the feds to create other categories — such as “potential drug dealer”?
The FBI has been requesting records on tens of thousands of targets (mostly non-foreigners, it turns out), and one savvy civil libertarian suggests that one shouldn’t assume that telcos are just dumb terminals receiving requests from G-Men. They may save these numbers and have created their own categories based on their own data-mining. Or they could have developed them in concert with the FBI as part of their contracts or some other agreement. In short, the request for “communities of interest” suggests that there may be a collaborative, rather than question and answer, relationship between the telephone companies and the FBI.
The FBI office which sent the fake letters may also be involved in the controversial Intensive Care Showdown over potentially illegal, warrantless surveillance.
See the original letters in this document (.pdf), acquired by the Electronic Frontier Foundation through a government sunshine request. Even more documents can be found on this page.
